<?php
//PDO的添加方法
function add($arr){
	//$link=mysqli_connect("127.0.0.1", "root", "root", "news");
	$pdo = new PDO("mysql:host=127.0.0.1;dbname=news","root","keyan");
	//$link->query("set names utf8");
	$pdo->query("set names utf8");
	$keys = array_keys($arr);
	$keys= join(",",$keys);
	$vals =array_values($arr);
	$valu='';
	foreach($vals as $v){
		$valu[]="?";
	}
	$valu = join(",", $valu);
	$sql = "insert into newstypes ($keys) values ($valu)";
	$pdos=$pdo->prepare($sql);//预执行
	$re=$pdos->execute($vals);//执行	
	if($re){
		return true;
	}else{
		return false;
	}
}
$arr= array("typeName"=>"'or 5=4#","articleNums"=>"123");
//$re=add($arr);
var_dump(true);